[Samba] domain logons - prevent multiple logins with the same account

Ulf Norén Ulf.Noren at miun.se
Mon Feb 12 10:28:54 GMT 2007

On Monday 12 February 2007 11:03, Nagy Zoltan wrote:
> hi
> i'm trying to solve this problem, i've came up with a solution, but i don't
> think that this is the best availibe method for this problem i read about
> that samba does provides a 'preexec' call that can prevent a share to be
> accessed, and i figured out, that with this i can reject access to a share
> if the user have already logged in from another maschine. and if i wrote
> the currently logged in computer name to a file on a share that can be
> accessed when the login is unsuccessfull, i can pop up a dialog on the
> client from the network logon script at client side when it detects that
> the user is trying to login to the domain twice, and write him where he
> have been logged in before.
> so..solution's logical outline:
> samba
> 	* [netlogon]
> 		* logon.bat
> 			* compare  $home/.login_magic, $profile/.login_magic, if not the same,
> the client is trying to login twice.. pop-up message box with
> $home/.successfull_login_machine_name
> 				logoff user
> 			* this file check's %home%/.successfull_login_machine_name
> 	* [profiles]
> 		preexec close=yes
> 		preexec = prevent_multiple_logon.bash
> 			* if machine is the first login to the domain
> 					write machine name to $home/.successfull_login_machine_name
> 					write a random number to $home/.login_magic, $profile/.login_magic
> 					return ok
> 				else
> 					return false
> 	* [homes]
> 		not protected with preexec
> i haven't found a solution to prevent the client from logging in when the
> profile connection has been rejected, maybe i've missed the setting on the
> windows local security policy settings panel
> or i've missed a configuration option in my samba config?
> any suggestions? :)
> best regards, kirk

I have done this.

just put the preexec in the global scope.

preexec close=yes
preexec = prevent_multiple_logon.bash



Ulf Norén
IT-avd, Mittuniversitetet

More information about the samba mailing list